© 2022 Fairygodboss. All rights reserved.

Vulnerability Management Lead (US) - Washington DC, New York, Los Angeles, or Mountain View

TikTok

Washington, DC

Why you should apply for a job with TikTok:

  • Employee well-being is supported via hybrid work, short-term counseling through our EAP and a premium subscription to Headspace.

  • We embrace diversity across all dimensions and provide employees with 9 employee resource groups globally, including our WOMEN ERG.

  • Comprehensive parental leave policy as well as fertility treatment through healthcare providers with a $20,000 lifetime maximum.

#J2K7V

Position summary

TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.

Our Global Security function provides services to TikTok's US market using four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, we drive risk-informed and empowered decision-making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class and trusted security capabilities.

The Vulnerability Management Lead will design and build a sustainable program alongside an incredible team of highly motivated and passionate security practitioners. The main focus of the role is to design and manage a world class vulnerability management program that will ingest threat intelligence and handle vulnerabilities. The key needs of the program are to develop an ability to assess and evaluate vulnerabilities through automated scanning, external bug bounty program, as well as specific offensive penetration and red team. As the Vulnerability Management Lead, you will manage a team responsible for managing vulnerabilities tracking, resolution and escalation. In this role, you and your team will manage vulnerability data repository, vulnerability scans, reporting, vulnerability analysis and remediation recommendation. This position requires deep analytical skills as well as a robust understanding of technology, tools, testing techniques and countermeasures. The person in this role will work at a high level and in the technical detail to build a program consisting of robust processes, leading technology, and should be able to mentor and advise other team members.

Responsibilities:

  • Lead the design, build, and day-to-day operations of vulnerability management program
  • Own and drive the Vulnerability Management strategy for TikTok
  • Be a champion for vulnerability management and broaden awareness and use of the team’s services
  • Drive actionable metrics and reporting for operations and leadership transparency
  • Develop processes, playbooks, and run-books for vulnerability management practices
  • Review and analyze cyber threats and provide SME support and training to junior level security analysts
  • Serve as subject matter expert related to vulnerability management and secure configuration
  • Collaborate with other security and IT professionals to assess potential impact of vulnerabilities specific to TikTok's environment, and determine and implement mitigating controls
  • Provide mentorship, coaching, performance management and support to team members with regard to vulnerability assessment, communication/rapport with other divisions, technical expertise, and career development
  • Apply problem solving and critical thinking to solve unique and sophisticated vulnerability management problems with a sense of urgency using a pragmatic approach
  • Facilitate exception handling and escalation
  • Support regulatory compliance monitoring and reporting
  • Maintain regular communication with business and security leadership for collaboration, process optimization, tools tuning, and information sharing

Minimum Qualifications:

  • Bachelor’s Degree or industry equivalent work experience in vulnerability management in a security program
  • 8+ years experience in vulnerability management or related fields such as penetration testing, SOC, or threat intelligence
  • Expertise with enterprise vulnerability management platforms such as Qualys, Tenable, or Rapid7
  • Expert in depth knowledge of security vulnerabilities
  • Ability to handle large datasets and perform vulnerability analysis
  • Ability to work alongside other security functions to determine vulnerability scoring and impact
  • Experience managing a team with diverse skillsets

Preferred Qualifications:

  • CISSP, CISM, or equivalent certification
  • Experience working in a very large enterprise environment with diverse teams
  • Knowledge of PCI, ISO, NIST, and IT Controls
  • Advanced experience with vulnerability scanning tools and other security testing tools
  • Ability to adapt to a dynamic environment

TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We believe individuals shouldn't be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are passionate about this and hope you are too.

TikTok is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to us at [email protected]

What are TikTok perks and benefits

Lactation facilities

Fertility

Unconscious bias training

Networking

Succession planning

Diversity recruiting

Diversity performance

Short term disability

Paid paternity

Paid maternity

Paid adoptive

About the company

TikTok

Industry: Technology: Consumer Internet

As the leading destination for short-form mobile video, our platform helps people around the world become a part of a global community. In a world that feels more divided than ever, we are here to inspire creativity and bring joy. We do this by embracing change, thriving in ambiguity, and always looking for solutions.
